Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Advice on changing MTU needed, due to VPN constantly disconnection

Status
Not open for further replies.
rmhrc

rmhrc

IS-IT--Management
Aug 17, 2001
28
GB
I have searched many threads on here, and many seem to suggest changing the MTU. Here is my scenario:

Basically I am running 2 VPN's to 2 remote offices, over SDSL, and they're connection keeps dropping (eg Outlook constantly loses its connection). Also, when I try to remote desktop to one of their pc's, I only get about 30 seconds out of it, then lose the connection. Surfing the internet on both sides is absolutely fine, so I'm guessing its nothing to do with our SDSL itself.

Each of the 3 sites has a D-Link firewall, of which allow you to change the MTU. I have ascertained that our optimum is 1424, using TCPoptimizer.

My first question is: Is it enough to just change the MTU's on each firewall, or do you need to do it on the remote client's pc too?

I have tried changing the MTU to 1424 on all firewalls, and also on my own pc (using a registry change I found on here), but having tried another remote desktop connection, the problem is still happening.

My second question is: Is it worth me trying to lower it any further, and if so, how low should you realistically go? I have heard 576 mentioned.

And thirdly, could it be something else? Any help would be much appreciated.
 
Sort by date Sort by votes
For VPN, you can try to setup 1400. this page may help,

How to change mtu
... use a fixed maximum transmission unit (MTU) size of 1500 bytes for all PPP
connections and use a fixed MTU size of 1400 bytes for all VPN connections. ...

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on
 
Upvote 0 Downvote
Should I be setting the MTU on the clients as well as the firewalls?
 
Upvote 0 Downvote
Personally I would not use a default fixed MTU at the router
or in the registry setting, especially in the registry, as this affect the internal network, fixed is for a Windows RAS VPN setup.
Each broadband line can have packet losses from routers along the path, each individual line can be different.

Use the TCP Optimizer tool below, discover the optimal MTU size to set at the router, then pathping from the office to the remotes public address or from the remote to the office public address, if the MTU is set correctly you should have few if any lost packets. For an explanation, search "Black hole router". You might try the pathping command first, to see how many lost packets you are now getting



........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

teknance
  • Locked
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
685
GlobeTrekkerGal
GlobeTrekkerGal
MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
473
sircles
sircles
F
  • Locked
  • Solved
some IP Phone not working over site-to-site OpenVPN, packets modified on other side of tunnel
Replies
1
Views
2K
FrankSider12
F
sarahz2
  • Locked
  • Question
Best vpn safe and fast
Replies
4
Views
514
GlobeTrekkerGal
GlobeTrekkerGal
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
422
Joon Smith
Joon Smith

Part and Inventory Search

Sponsor

Back
Top